Hey, I use OpenSSH on Windows Server and couldn't get ssh-run to work, mainly because it doesn't allow anything but bash commands. I would like to propose another MODE that just takes the command argument and parses that without the `bash -c` bit.
elif [[ ${MODE} = "windows" ]]; then
info "Executing ${MODE} on ${SERVER}"
run ssh -A -tt -i ~/.ssh/pipelines_id -o 'StrictHostKeyChecking=no' -p ${PORT:-22} ${EXTRA_ARGS} $SSH_USER@$SERVER ${ENV_VARS} "$COMMAND"
(The `-tt` bit might have to be removed)
I've stolen some of the ssh-run pipe code to manually connect to the Windows Server 2016 via SSH and run commands on it from the pipeline.
For example, here is some yaml to first stop Windows services and IIS websites and then run Robocopy on Windows that in this case makes some backups for me before I deploy new code to the server:
- step:
name: Stop services and IIS sites
script:
# Below commands create necessary files for manual ssh to WEB2
- mkdir -p ~/.ssh
- cp /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp ~/.ssh/pipelines_id
- cat /opt/atlassian/pipelines/agent/ssh/known_hosts >> ~/.ssh/known_hosts
- chmod -R go-rwx ~/.ssh/
# Execute stop services and stop website commands on WEB2 via ssh
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com net stop "SITEDev2TenantService"
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com net stop '"SITE Dev2 SMS Service"'
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com C:/Windows/System32/inetsrv/appcmd stop site SITEDev2
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com C:/Windows/System32/inetsrv/appcmd stop site SITEDev2API
- step:
name: Backup existing files
script:
# Below commands create necessary files for manual ssh to WEB2
- mkdir -p ~/.ssh
- cp /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp ~/.ssh/pipelines_id
- cat /opt/atlassian/pipelines/agent/ssh/known_hosts >> ~/.ssh/known_hosts
- chmod -R go-rwx ~/.ssh/
# Copy site files using robocopy to back them up
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com 'robocopy E:/Sites/SITEDev2 E:/_backups/SITEDev2 /E /purge /NJS & if %errorlevel% leq 4 exit 0'
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com 'robocopy E:/Sites/SITEDev2API E:/_backups/SITEDev2API /E /purge /NJS & if %errorlevel% leq 4 exit 0'
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com 'robocopy E:/Services/SITEDev2TenantService E:/_backups/SITEDev2TenantService /E /purge /NJS & if %errorlevel% leq 4 exit 0'
- ssh -A -i /root/.ssh/pipelines_id -o StrictHostKeyChecking=no -p 22 $WEB2_USER@MYSERVER.com 'robocopy E:/Services/SITEDev2SMSService E:/_backups/SITEDev2SMSService /E /purge /NJS & if %errorlevel% leq 4 exit 0'
Notice lack of `-tt` parameter in SSH calls, as this was causing me a lot of trouble, only the first command would successfully run, even though the bitbucket pipeline didn't stop. Removing `-tt` allowed to run multiple commands without issues. Robocopy also has additional parameters passed as due to the way Robocopy works, it has to be forced sometimes to return a correct success code.
Nevertheless, this MODE could be implemented in the pipe, which would make it much easier for the Windows Server users to run commands over SSH from bitbucket pipelines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.